Report - ptm.totalhighlyefficientdefence.site/c/0ee0b69d1847d43d?bid=0.0093&s1=ph4-mcv4-us&s3=duy&s4=&s5=runteqgwucwqtl0&s6=&s7=893428&s8=8bbzfni1c1l&clickid=bwxa0t8nt7v

Report Overview

Submitted URL
ptm.totalhighlyefficientdefence.site/c/0ee0b69d1847d43d?bid=0.0093&s1=ph4-mcv4-us&s3=duy&s4=&s5=runteqgwucwqtl0&s6=&s7=893428&s8=8bbzfni1c1l&clickid=bwxa0t8nt7v
IP
52.51.27.131
ASN
#16509 AMAZON-02
Submitted
2023-05-26 08:03:13
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
translate-pa.googleapis.com	1620	2005-01-25	2021-11-04	2023-05-25	552 B	2.3 kB	142.250.74.74
translate.google.com	1156	1997-09-15	2012-05-30	2023-05-25	472 B	80 kB	216.58.211.14
cdnjs.claudflare.io	unknown	2021-08-09	2021-08-12	2023-05-22	466 B	92 kB	206.189.196.86
route.frest.pro	unknown	2022-10-19	2023-01-02	2023-05-24	544 B	742 B	104.21.77.196
www.gstatic.com	unknown	2008-02-11	2016-07-26	2023-05-25	1.1 kB	7.6 kB	142.250.74.35
ptm.totalhighlyefficientdefence.site	unknown	2023-01-04	2023-01-05	2023-05-05	616 B	5.9 kB	52.51.27.131
translate.googleapis.com	1005	2005-01-25	2012-05-31	2023-05-25	1.8 kB	79 kB	142.250.74.74
cdn-adef.akamaized.net	125719	2014-03-18	2018-02-06	2023-05-25	4.4 kB	30 kB	95.101.10.67
ocsp.pki.goog	175	2016-06-13	2018-07-01	2023-05-25	3.3 kB	7.0 kB	142.250.74.131
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2023-05-25	3.2 kB	89 kB	216.58.207.227

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-05-26	medium	claudflare.io

ThreatFox

No alerts detected

JavaScript (8)

	URL	Size	First Seen	Last Seen
	cdn-adef.akamaized.net/landings/277880/1672929850/js/site-protect2.0.js?1672929850	3.1 kB	2023-03-07	2024-03-03
Pretty URL cdn-adef.akamaized.net/landings/277880/1672929850/js/site-protect2.0.js?1672929850 IP 95.101.10.67 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:44 Last Seen2024-03-03 21:18:43 Times Seen271 Hash fc96ab06b0f9fcea6731405215ae5daf 8af9f27d895eb69754919a2fc0d74760fecd3860 9243e166cbcd628fd992eba59544ebf99328fd4db7c0c08c2fb28a7af14d759e Loading...

	cdn-adef.akamaized.net/landings/277880/1672929850/js/second_back_multi.js?1672929850	2.2 kB	2023-03-07	2024-02-28
Pretty URL cdn-adef.akamaized.net/landings/277880/1672929850/js/second_back_multi.js?1672929850 IP 95.101.10.67 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:44 Last Seen2024-02-28 14:02:55 Times Seen141 Hash 4034050f2be05cd41b77c4bb153f89eb 395187f1b6ad0a67fcdede70756a1c455903d84d 717b9e3b39eb201ec4cf8ade5f0ce9f2f2537b02b0b7f822ae159a8d1496df60 Loading...

	ptm.totalhighlyefficientdefence.site/c/0ee0b69d1847d43d?bid=0.0093&s1=ph4-mcv4-us&s3=duy&s4=&s5=runteqgwucwqtl0&s6=&s7=893428&s8=8bbzfni1c1l&clickid=bwxa0t8nt7v	654 B	2023-04-09	2024-02-28
Pretty URL ptm.totalhighlyefficientdefence.site/c/0ee0b69d1847d43d?bid=0.0093&s1=ph4-mcv4-us&s3=duy&s4=&s5=runteqgwucwqtl0&s6=&s7=893428&s8=8bbzfni1c1l&clickid=bwxa0t8nt7v IP 52.51.27.131 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-09 07:00:51 Last Seen2024-02-28 13:42:11 Times Seen13 Hash 72b5b8b1f950721e729519a81907197a 61168b6905f4d568545da5a8b17aa08aeb07cdf0 856d9fb75a5a8efe476edc9cc8d6d7ac1b88d202bca915a1a02adf1ed2050514 Loading...

	cdnjs.claudflare.io/ajax/libs/jquery/3.6.0/b/jquery.min.js?1672929850	92 kB	2023-04-18	2023-05-26
Pretty URL cdnjs.claudflare.io/ajax/libs/jquery/3.6.0/b/jquery.min.js?1672929850 IP 206.189.196.86 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-18 16:54:49 Last Seen2023-05-26 10:03:14 Times Seen6 Hash c8cd1d171d2f9b2297250ce8808385eb 5e09427e80066156f0b5d4916982d70ed64a9b17 5c2c0bb8c88580c3a8edd2039a81971a50905f0e60484c7b3151450de42531a8 Loading...

	cdn-adef.akamaized.net/landings/277880/1672929850/js/translete.js?1672929850	1.4 kB	2023-03-07	2024-04-06
Pretty URL cdn-adef.akamaized.net/landings/277880/1672929850/js/translete.js?1672929850 IP 95.101.10.67 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:44 Last Seen2024-04-06 19:00:00 Times Seen122 Hash ec54980cfed635492cef5628111560d2 a5dbc3628701447711d16decd4409070c9967714 b402b988b04cea3b1ba157a14aa973998a6f5cad4d079dfc81622d77c3ba7558 Loading...

	translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.klVF4ux5xF8.O/d=1/exm=el_conf/ed=1/rs=AN8SPfptfDPTfF2jq4TQUYpl_lGvaR-NBg/m=el_main	218 kB	2023-05-26	2023-06-05
Pretty URL translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.klVF4ux5xF8.O/d=1/exm=el_conf/ed=1/rs=AN8SPfptfDPTfF2jq4TQUYpl_lGvaR-NBg/m=el_main IP 142.250.74.74 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-26 03:31:46 Last Seen2023-06-05 23:38:25 Times Seen1128 Hash e573f520bd8dcdfb40e91a9e0e66e527 7182f9fdf1d72c2f42cbbfda617cb81e34a44044 366f944dab73002110a6add4e66a3eb915695bc4f1244da14080a4bc248880c6 Loading...

	cdn-adef.akamaized.net/landings/277880/1672929850/js/js.cockie.min.js?1672929850	2.3 kB	2023-03-07	2024-03-03
Pretty URL cdn-adef.akamaized.net/landings/277880/1672929850/js/js.cockie.min.js?1672929850 IP 95.101.10.67 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:44 Last Seen2024-03-03 21:18:43 Times Seen100 Hash ee34078cc4ca5f836c668cdabfea8637 5e344a985d5544b25695323eecf113e5f147767a 2977fda7a224fff42e1ff6b1d7a93448597c69555326e14a147abc6cab313ed7 Loading...

	ptm.totalhighlyefficientdefence.site/_/translate_http/_/js/k=translate_http.tr.no.klVF4ux5xF8.O/d=1/rs=AN8SPfptfDPTfF2jq4TQUYpl_lGvaR-NBg/m=el_conf	80 kB	2023-05-26	2023-05-26
Pretty URL ptm.totalhighlyefficientdefence.site/_/translate_http/_/js/k=translate_http.tr.no.klVF4ux5xF8.O/d=1/rs=AN8SPfptfDPTfF2jq4TQUYpl_lGvaR-NBg/m=el_conf IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-26 10:03:14 Last Seen2023-05-26 10:39:08 Times Seen6 Hash 062e08e0043f6d96a75d32196dae474e a0284e4fd50152a7b13e635d721a7c95f66310c0 c5b86fefeea365e4a14a28bb31882ddd3f4e357f049394cfd7f227781c20cf46 Loading...

HTTP Transactions (35)

URL IP Response Size

cdn-adef.akamaized.net/landings/277880/1672929850/js/js.cockie.min.js?1672929850

95.101.10.67

200 OK

921 B

URL GET HTTP/1.1
cdn-adef.akamaized.net/landings/277880/1672929850/js/js.cockie.min.js?1672929850
IP
95.101.10.67:443
ASN
#20940 Akamai International B.V.

Requested by
https://ptm.totalhighlyefficientdefence.site/c/0ee0b69d1847d43d?bid=0.0093&s1=ph4-mcv4-us&s3=duy&s4=&s5=runteqgwucwqtl0&s6=&s7=893428&s8=8bbzfni1c1l&clickid=bwxa0t8nt7v
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT

File type
ASCII text
Size
921 B (921 bytes)
Hash
ee34078cc4ca5f836c668cdabfea8637
5e344a985d5544b25695323eecf113e5f147767a
2977fda7a224fff42e1ff6b1d7a93448597c69555326e14a147abc6cab313ed7

HTTP Headers

GET /landings/277880/1672929850/js/js.cockie.min.js?1672929850 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ptm.totalhighlyefficientdefence.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: 58rWneoDvcrI7SWU/O5CkXtlMlbOoc1vqnNTT9s4568XbXd2Mfh7/WirrpCPMEgK92u9GYd6/hI=
x-amz-request-id: E9D1P320B103PGHX
Last-Modified: Thu, 05 Jan 2023 14:44:12 GMT
ETag: "ee34078cc4ca5f836c668cdabfea8637"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Fri, 26 May 2023 08:02:56 GMT
Content-Length: 921
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/277880/1672929850/js/translete.js?1672929850

95.101.10.67

200 OK

559 B

URL GET HTTP/1.1
cdn-adef.akamaized.net/landings/277880/1672929850/js/translete.js?1672929850
IP
95.101.10.67:443
ASN
#20940 Akamai International B.V.

Requested by
https://ptm.totalhighlyefficientdefence.site/c/0ee0b69d1847d43d?bid=0.0093&s1=ph4-mcv4-us&s3=duy&s4=&s5=runteqgwucwqtl0&s6=&s7=893428&s8=8bbzfni1c1l&clickid=bwxa0t8nt7v
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT

File type
ASCII text
Size
559 B (559 bytes)
Hash
ec54980cfed635492cef5628111560d2
a5dbc3628701447711d16decd4409070c9967714
b402b988b04cea3b1ba157a14aa973998a6f5cad4d079dfc81622d77c3ba7558

HTTP Headers

GET /landings/277880/1672929850/js/translete.js?1672929850 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ptm.totalhighlyefficientdefence.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: jphdU1N915czhz0XEVPUjvvscWJEPM4bcYGwX7hYDciOOaqjcWNC900NP0bgJCfkbDqDJBOZJ80=
x-amz-request-id: EZK9RDA89E2APVDP
Last-Modified: Thu, 05 Jan 2023 14:44:12 GMT
ETag: "ec54980cfed635492cef5628111560d2"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Fri, 26 May 2023 08:02:56 GMT
Content-Length: 559
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/277880/1672929850/js/site-protect2.0.js?1672929850

95.101.10.67

200 OK

1.1 kB

URL GET HTTP/1.1
cdn-adef.akamaized.net/landings/277880/1672929850/js/site-protect2.0.js?1672929850
IP
95.101.10.67:443
ASN
#20940 Akamai International B.V.

Requested by
https://ptm.totalhighlyefficientdefence.site/c/0ee0b69d1847d43d?bid=0.0093&s1=ph4-mcv4-us&s3=duy&s4=&s5=runteqgwucwqtl0&s6=&s7=893428&s8=8bbzfni1c1l&clickid=bwxa0t8nt7v
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT

File type
ASCII text
Size
1.1 kB (1068 bytes)
Hash
fc96ab06b0f9fcea6731405215ae5daf
8af9f27d895eb69754919a2fc0d74760fecd3860
9243e166cbcd628fd992eba59544ebf99328fd4db7c0c08c2fb28a7af14d759e

HTTP Headers

GET /landings/277880/1672929850/js/site-protect2.0.js?1672929850 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ptm.totalhighlyefficientdefence.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: sYoCxw7BChydrVz3V/D22hSG/TEKObAOfJ+2QmzuIcvpQDzpFuLhEOnWBkmm1py4nbkrbPGggAY=
x-amz-request-id: EZKF3SDX5K61X8G3
Last-Modified: Thu, 05 Jan 2023 14:44:12 GMT
ETag: "fc96ab06b0f9fcea6731405215ae5daf"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Fri, 26 May 2023 08:02:56 GMT
Content-Length: 1068
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/277880/1672929850/js/second_back_multi.js?1672929850

95.101.10.67

200 OK

779 B

URL GET HTTP/1.1
cdn-adef.akamaized.net/landings/277880/1672929850/js/second_back_multi.js?1672929850
IP
95.101.10.67:443
ASN
#20940 Akamai International B.V.

Requested by
https://ptm.totalhighlyefficientdefence.site/c/0ee0b69d1847d43d?bid=0.0093&s1=ph4-mcv4-us&s3=duy&s4=&s5=runteqgwucwqtl0&s6=&s7=893428&s8=8bbzfni1c1l&clickid=bwxa0t8nt7v
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT

File type
HTML document, ASCII text
Size
779 B (779 bytes)
Hash
4034050f2be05cd41b77c4bb153f89eb
395187f1b6ad0a67fcdede70756a1c455903d84d
717b9e3b39eb201ec4cf8ade5f0ce9f2f2537b02b0b7f822ae159a8d1496df60

HTTP Headers

GET /landings/277880/1672929850/js/second_back_multi.js?1672929850 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ptm.totalhighlyefficientdefence.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: 7d8wnCIuhPGm4SNabXqgzRGEwhwVf+Qt1IHPeFqkTVNymEm/jxfDbr3KSqbm9fGOLzGJF9LtffY=
x-amz-request-id: EZKFYJW58HBYT4F8
Last-Modified: Thu, 05 Jan 2023 14:44:12 GMT
ETag: "4034050f2be05cd41b77c4bb153f89eb"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Fri, 26 May 2023 08:02:56 GMT
Content-Length: 779
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/277880/1672929850/css/style.css?1672929850

95.101.10.67

200 OK

2.1 kB

URL GET HTTP/1.1
cdn-adef.akamaized.net/landings/277880/1672929850/css/style.css?1672929850
IP
95.101.10.67:443
ASN
#20940 Akamai International B.V.

Requested by
https://ptm.totalhighlyefficientdefence.site/c/0ee0b69d1847d43d?bid=0.0093&s1=ph4-mcv4-us&s3=duy&s4=&s5=runteqgwucwqtl0&s6=&s7=893428&s8=8bbzfni1c1l&clickid=bwxa0t8nt7v
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT

File type
ASCII text, with CRLF line terminators
Size
2.1 kB (2072 bytes)
Hash
5bed53ec2acdb0d3942f5aad30cf38ef
b91e33fc134e51aea656b0a94d63df04a8456675
ab74489bd7cfaf882a6244d8bd14c6c5755d87b85f92c4cf1b122d7a6fbb8803

HTTP Headers

GET /landings/277880/1672929850/css/style.css?1672929850 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ptm.totalhighlyefficientdefence.site/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: ri5YcuXZ197Ax7N6jkxHd2SCjUicP/HjZEllLyEAbj0OxmRVvy5hJyEYThem8hYvxsgOmjqSD2M=
x-amz-request-id: EZKA8TPTCBV00GM7
Last-Modified: Thu, 05 Jan 2023 14:44:12 GMT
ETag: "5bed53ec2acdb0d3942f5aad30cf38ef"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: text/css
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Fri, 26 May 2023 08:02:56 GMT
Content-Length: 2072
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdnjs.claudflare.io/ajax/libs/jquery/3.6.0/b/jquery.min.js?1672929850

206.189.196.86

200 OK

92 kB

URL GET HTTP/1.1
cdnjs.claudflare.io/ajax/libs/jquery/3.6.0/b/jquery.min.js?1672929850
IP
206.189.196.86:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ptm.totalhighlyefficientdefence.site/c/0ee0b69d1847d43d?bid=0.0093&s1=ph4-mcv4-us&s3=duy&s4=&s5=runteqgwucwqtl0&s6=&s7=893428&s8=8bbzfni1c1l&clickid=bwxa0t8nt7v
Certificate
IssuerLet's Encrypt
Subjectcdnjs.claudflare.io
FingerprintBF:D4:AB:9A:D0:EB:75:E1:A0:33:BA:D0:58:58:99:64:E0:75:B9:0C
ValidityThu, 06 Apr 2023 22:54:27 GMT - Wed, 05 Jul 2023 22:54:26 GMT

File type
ASCII text, with very long lines (65447)
Size
92 kB (92013 bytes)
Hash
c8cd1d171d2f9b2297250ce8808385eb
5e09427e80066156f0b5d4916982d70ed64a9b17
5c2c0bb8c88580c3a8edd2039a81971a50905f0e60484c7b3151450de42531a8

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /ajax/libs/jquery/3.6.0/b/jquery.min.js?1672929850 HTTP/1.1
Host: cdnjs.claudflare.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ptm.totalhighlyefficientdefence.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.22.0 (Ubuntu)
Date: Fri, 26 May 2023 08:02:57 GMT
Content-Type: text/javascript; charset=utf-8
Content-Length: 92013
Connection: keep-alive
Cache-Control: public, max-age=43200
Expires: Fri, 26 May 2023 20:02:57 GMT

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
6511d19b553fc77eb29bc4565edc46e0
e88a49981040eab52449d8cf558e0ed29d862927
6c5e6e9dde465dbaeadb02409d89f6ffece3748be3e37ae0d410474391e9e90a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 26 May 2023 08:02:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
6511d19b553fc77eb29bc4565edc46e0
e88a49981040eab52449d8cf558e0ed29d862927
6c5e6e9dde465dbaeadb02409d89f6ffece3748be3e37ae0d410474391e9e90a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 26 May 2023 08:02:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
6511d19b553fc77eb29bc4565edc46e0
e88a49981040eab52449d8cf558e0ed29d862927
6c5e6e9dde465dbaeadb02409d89f6ffece3748be3e37ae0d410474391e9e90a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 26 May 2023 08:02:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
6511d19b553fc77eb29bc4565edc46e0
e88a49981040eab52449d8cf558e0ed29d862927
6c5e6e9dde465dbaeadb02409d89f6ffece3748be3e37ae0d410474391e9e90a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 26 May 2023 08:02:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://ptm.totalhighlyefficientdefence.site/c/0ee0b69d1847d43d?bid=0.0093&s1=ph4-mcv4-us&s3=duy&s4=&s5=runteqgwucwqtl0&s6=&s7=893428&s8=8bbzfni1c1l&clickid=bwxa0t8nt7v
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ptm.totalhighlyefficientdefence.site
DNT: 1
Connection: keep-alive
Referer: https://cdn-adef.akamaized.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 20 May 2023 07:44:41 GMT
expires: Sun, 19 May 2024 07:44:41 GMT
cache-control: public, max-age=31536000
age: 519496
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
6511d19b553fc77eb29bc4565edc46e0
e88a49981040eab52449d8cf558e0ed29d862927
6c5e6e9dde465dbaeadb02409d89f6ffece3748be3e37ae0d410474391e9e90a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 26 May 2023 08:02:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://ptm.totalhighlyefficientdefence.site/c/0ee0b69d1847d43d?bid=0.0093&s1=ph4-mcv4-us&s3=duy&s4=&s5=runteqgwucwqtl0&s6=&s7=893428&s8=8bbzfni1c1l&clickid=bwxa0t8nt7v
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Size
16 kB (15920 bytes)
Hash
3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ptm.totalhighlyefficientdefence.site
DNT: 1
Connection: keep-alive
Referer: https://cdn-adef.akamaized.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 May 2023 21:39:40 GMT
expires: Wed, 22 May 2024 21:39:40 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
age: 210197
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://ptm.totalhighlyefficientdefence.site/c/0ee0b69d1847d43d?bid=0.0093&s1=ph4-mcv4-us&s3=duy&s4=&s5=runteqgwucwqtl0&s6=&s7=893428&s8=8bbzfni1c1l&clickid=bwxa0t8nt7v
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ptm.totalhighlyefficientdefence.site
DNT: 1
Connection: keep-alive
Referer: https://cdn-adef.akamaized.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 20 May 2023 03:11:48 GMT
expires: Sun, 19 May 2024 03:11:48 GMT
cache-control: public, max-age=31536000
age: 535869
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://ptm.totalhighlyefficientdefence.site/c/0ee0b69d1847d43d?bid=0.0093&s1=ph4-mcv4-us&s3=duy&s4=&s5=runteqgwucwqtl0&s6=&s7=893428&s8=8bbzfni1c1l&clickid=bwxa0t8nt7v
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15752, version 1.0\012- data
Size
16 kB (15752 bytes)
Hash
b20371a6daf29d4a1f2e85dbbf40fb20
0355a01c1ccb45cb728e7e07c41c8ebf456f70bb
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ptm.totalhighlyefficientdefence.site
DNT: 1
Connection: keep-alive
Referer: https://cdn-adef.akamaized.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15752
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 20 May 2023 08:09:04 GMT
expires: Sun, 19 May 2024 08:09:04 GMT
cache-control: public, max-age=31536000
age: 518033
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51S7ACc6CsQ.woff2

216.58.207.227

200 OK

17 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51S7ACc6CsQ.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://ptm.totalhighlyefficientdefence.site/c/0ee0b69d1847d43d?bid=0.0093&s1=ph4-mcv4-us&s3=duy&s4=&s5=runteqgwucwqtl0&s6=&s7=893428&s8=8bbzfni1c1l&clickid=bwxa0t8nt7v
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT

File type
Web Open Font Format (Version 2), TrueType, length 17336, version 1.0\012- data
Size
17 kB (17336 bytes)
Hash
eec8dbfc49267c4d33cf31b49661bf37
0f49d4563cf9e22e3af6907d0785b9a6facadbf0
661d4b208656c006e7aab58acf7784857963123675de2302279fbe6c05313547

HTTP Headers

GET /s/roboto/v30/KFOjCnqEu92Fr1Mu51S7ACc6CsQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ptm.totalhighlyefficientdefence.site
DNT: 1
Connection: keep-alive
Referer: https://cdn-adef.akamaized.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17336
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 20 May 2023 10:00:19 GMT
expires: Sun, 19 May 2024 10:00:19 GMT
cache-control: public, max-age=31536000
age: 511358
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
6511d19b553fc77eb29bc4565edc46e0
e88a49981040eab52449d8cf558e0ed29d862927
6c5e6e9dde465dbaeadb02409d89f6ffece3748be3e37ae0d410474391e9e90a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 26 May 2023 08:02:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ptm.totalhighlyefficientdefence.site/c/0ee0b69d1847d43d?bid=0.0093&s1=ph4-mcv4-us&s3=duy&s4=&s5=runteqgwucwqtl0&s6=&s7=893428&s8=8bbzfni1c1l&clickid=bwxa0t8nt7v

52.51.27.131

200 OK

5.3 kB

URL User Request GET HTTP/2
ptm.totalhighlyefficientdefence.site/c/0ee0b69d1847d43d?bid=0.0093&s1=ph4-mcv4-us&s3=duy&s4=&s5=runteqgwucwqtl0&s6=&s7=893428&s8=8bbzfni1c1l&clickid=bwxa0t8nt7v
IP
52.51.27.131:443
ASN
#16509 AMAZON-02

Certificate
IssuerLet's Encrypt
Subjectptm.totalhighlyefficientdefence.site
Fingerprint6C:44:B8:57:B1:B1:95:38:CF:7B:C9:26:FA:24:C3:7D:00:FB:7F:A6
ValidityTue, 21 Mar 2023 00:31:17 GMT - Mon, 19 Jun 2023 00:31:16 GMT

File type
gzip compressed data, from Unix\012- data
Size
5.3 kB (5342 bytes)
Hash
2cd6fd4d1b682ddb503d7b6a213ab85e
a79dd4bcab0111b6bfd280ba0c93153c4f1ec344
46e2a626ed011722764a88b041f5379dd3e4966e5662b7a20ffb9f7b0a876900

HTTP Headers

GET /c/0ee0b69d1847d43d?bid=0.0093&s1=ph4-mcv4-us&s3=duy&s4=&s5=runteqgwucwqtl0&s6=&s7=893428&s8=8bbzfni1c1l&clickid=bwxa0t8nt7v HTTP/1.1
Host: ptm.totalhighlyefficientdefence.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 26 May 2023 08:02:55 GMT
content-type: text/html; charset=utf-8
set-cookie: unique_id=647067af00060d41; Path=/; Expires=Tue, 25 Jul 2023 08:02:55 GMT; Secure; SameSite=None
unique_id2=647067af0006155c; Path=/; Expires=Thu, 24 Aug 2023 08:02:55 GMT; Secure; SameSite=None
impression=; Path=/; Expires=Fri, 26 May 2023 08:02:55 GMT; Secure; SameSite=None
647067af0006155c_sl=[277880]; Path=/; Expires=Fri, 09 Jun 2023 08:02:55 GMT; Secure; SameSite=None
content-encoding: gzip
X-Firefox-Spdy: h2

route.frest.pro/is_redirect

104.21.77.196

200 OK

17 B

URL POST HTTP/2
route.frest.pro/is_redirect
IP
104.21.77.196:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ptm.totalhighlyefficientdefence.site/c/0ee0b69d1847d43d?bid=0.0093&s1=ph4-mcv4-us&s3=duy&s4=&s5=runteqgwucwqtl0&s6=&s7=893428&s8=8bbzfni1c1l&clickid=bwxa0t8nt7v
Certificate
IssuerGoogle Trust Services LLC
Subjectfrest.pro
FingerprintBF:79:17:15:EB:F6:8D:E0:44:93:02:1B:18:9B:0E:C8:06:68:24:E1
ValidityFri, 14 Apr 2023 08:42:39 GMT - Thu, 13 Jul 2023 08:42:38 GMT

File type
JSON data\012- , ASCII text
Size
17 B (17 bytes)
Hash
6dec798efb56f56f33660938f6249ff6
e889219883cef38754dc1e5df7ca5277b3b314c8
b493cdb3b30ea63f6a924f814dfccfcfe305dac02106f9994ce2bcb2e8ed28c4

HTTP Headers

POST /is_redirect HTTP/1.1
Host: route.frest.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 10
Origin: https://ptm.totalhighlyefficientdefence.site
DNT: 1
Connection: keep-alive
Referer: https://ptm.totalhighlyefficientdefence.site/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 May 2023 08:02:57 GMT
content-type: application/json
content-length: 17
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Content-Type, Access-Control-Allow-Headers, X-Requested-With
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e1qjrmhn8opVNFYoVsdM4tooXvpEzodL21IPE6u3IQdS7HImEVGzLNJ1ke8YYOLxvZRpSjqshqETaHZDTd79ecAdDxo7besAVigWvztvF%2BMfWpeOPjlj7h9IaBwDKBcq5d8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cd47fb56edd0b45-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn-adef.akamaized.net/landings/277880/1672929850/images/logo-red.png

95.101.10.67

200 OK

5.4 kB

URL GET HTTP/1.1
cdn-adef.akamaized.net/landings/277880/1672929850/images/logo-red.png
IP
95.101.10.67:443
ASN
#20940 Akamai International B.V.

Requested by
https://ptm.totalhighlyefficientdefence.site/c/0ee0b69d1847d43d?bid=0.0093&s1=ph4-mcv4-us&s3=duy&s4=&s5=runteqgwucwqtl0&s6=&s7=893428&s8=8bbzfni1c1l&clickid=bwxa0t8nt7v
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT

File type
PNG image data, 100 x 115, 8-bit/color RGBA, non-interlaced\012- data
Size
5.4 kB (5391 bytes)
Hash
af5ea8de2e2fa7543cdacc04ad53d4ca
09b884ce4522058ca7fcad459c40d5f30ac3b111
f2a23eb9ee6b06f7b3daaa71257a75fb51832c3956c091741026536b14e4414b

HTTP Headers

GET /landings/277880/1672929850/images/logo-red.png HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ptm.totalhighlyefficientdefence.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: XdPGmYJDDmsAhiNKjxfHal4mH2oyk/jIb/1RdcFIuwp1uukH8ufxhSicZMkxTN7SftfrNfjGHPs=
x-amz-request-id: DG1KD11G2CHRN2W6
Last-Modified: Thu, 05 Jan 2023 14:44:12 GMT
ETag: "af5ea8de2e2fa7543cdacc04ad53d4ca"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 5391
Date: Fri, 26 May 2023 08:02:57 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
61d13c286970b667c506166085b27432
e17257068ae421f755f2c671371b2fdfc3ea7fe1
68a17d38798d905ccc0ea237654927ec0a6c66c5164909e9a21e3344a576fd62

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 26 May 2023 08:02:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
61d13c286970b667c506166085b27432
e17257068ae421f755f2c671371b2fdfc3ea7fe1
68a17d38798d905ccc0ea237654927ec0a6c66c5164909e9a21e3344a576fd62

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 26 May 2023 08:02:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.vneFu3d_4ck.L.F4.O/d=0/rs=AN8SPfrNa1b9K5rCmaIpu9SqE3A5sBDBfg/m=el_main_css

142.250.74.35

200 OK

4.2 kB

URL GET HTTP/2
www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.vneFu3d_4ck.L.F4.O/d=0/rs=AN8SPfrNa1b9K5rCmaIpu9SqE3A5sBDBfg/m=el_main_css
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://ptm.totalhighlyefficientdefence.site/c/0ee0b69d1847d43d?bid=0.0093&s1=ph4-mcv4-us&s3=duy&s4=&s5=runteqgwucwqtl0&s6=&s7=893428&s8=8bbzfni1c1l&clickid=bwxa0t8nt7v
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT

File type
ASCII text, with very long lines (23228), with no line terminators
Size
4.2 kB (4205 bytes)
Hash
edf649e1b11a33833272345187bd4eec
73427e2ab282e5f89021e1c7d20f83eaf9830283
553d768412bca504a0c8771705f681dad359370bdcea637298ca5aa486017a06

HTTP Headers

GET /_/translate_http/_/ss/k=translate_http.tr.vneFu3d_4ck.L.F4.O/d=0/rs=AN8SPfrNa1b9K5rCmaIpu9SqE3A5sBDBfg/m=el_main_css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ptm.totalhighlyefficientdefence.site/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 4205
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 24 May 2023 19:11:35 GMT
expires: Thu, 23 May 2024 19:11:35 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 12 Mar 2023 00:11:57 GMT
content-type: text/css; charset=UTF-8
vary: Accept-Encoding
age: 132683
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
13b26f5afbecdd78566b3b54ab77caed
6b16c5910ad9ea57236d6954290be6fce8f62c6b
9fd32213a6b40b68ac06d5d6bf9c6ab0793f7f0464407b348c6e290f91870a90

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 26 May 2023 08:02:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.klVF4ux5xF8.O/d=1/exm=el_conf/ed=1/rs=AN8SPfptfDPTfF2jq4TQUYpl_lGvaR-NBg/m=el_main

142.250.74.74

200 OK

76 kB

URL GET HTTP/2
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.klVF4ux5xF8.O/d=1/exm=el_conf/ed=1/rs=AN8SPfptfDPTfF2jq4TQUYpl_lGvaR-NBg/m=el_main
IP
142.250.74.74:443
ASN
#15169 GOOGLE

Requested by
https://ptm.totalhighlyefficientdefence.site/c/0ee0b69d1847d43d?bid=0.0093&s1=ph4-mcv4-us&s3=duy&s4=&s5=runteqgwucwqtl0&s6=&s7=893428&s8=8bbzfni1c1l&clickid=bwxa0t8nt7v
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint9B:D0:53:C4:55:9D:41:A4:94:03:4A:2B:6A:5B:57:EB:EB:A5:F0:4A
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT

File type
ASCII text, with very long lines (1573)
Size
76 kB (76232 bytes)
Hash
e573f520bd8dcdfb40e91a9e0e66e527
7182f9fdf1d72c2f42cbbfda617cb81e34a44044
366f944dab73002110a6add4e66a3eb915695bc4f1244da14080a4bc248880c6

HTTP Headers

GET /_/translate_http/_/js/k=translate_http.tr.no.klVF4ux5xF8.O/d=1/exm=el_conf/ed=1/rs=AN8SPfptfDPTfF2jq4TQUYpl_lGvaR-NBg/m=el_main HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ptm.totalhighlyefficientdefence.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 76232
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 May 2023 20:45:18 GMT
expires: Fri, 24 May 2024 20:45:18 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 24 May 2023 21:10:42 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 40660
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
13b26f5afbecdd78566b3b54ab77caed
6b16c5910ad9ea57236d6954290be6fce8f62c6b
9fd32213a6b40b68ac06d5d6bf9c6ab0793f7f0464407b348c6e290f91870a90

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 26 May 2023 08:02:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/i/productlogos/translate/v14/24px.svg

216.58.207.227

200 OK

3.3 kB

URL GET HTTP/3
fonts.gstatic.com/s/i/productlogos/translate/v14/24px.svg
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://ptm.totalhighlyefficientdefence.site/c/0ee0b69d1847d43d?bid=0.0093&s1=ph4-mcv4-us&s3=duy&s4=&s5=runteqgwucwqtl0&s6=&s7=893428&s8=8bbzfni1c1l&clickid=bwxa0t8nt7v
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (6225), with no line terminators
Size
3.3 kB (3340 bytes)
Hash
2bd5c073a88b83ed74db88282a56ddfb
d0ebfc376f8c6a44a8d4cd216817dcd7d0c33650
ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09

HTTP Headers

GET /s/i/productlogos/translate/v14/24px.svg HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ptm.totalhighlyefficientdefence.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-length: 3340
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 20 May 2023 08:05:11 GMT
expires: Sun, 19 May 2024 08:05:11 GMT
cache-control: public, max-age=31536000
age: 518267
last-modified: Wed, 20 Apr 2022 14:24:23 GMT
content-type: image/svg+xml
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

cdn-adef.akamaized.net/landings/277880/1672929850/images/favicon.png?t=20230526080255

95.101.10.67

200 OK

5.4 kB

URL GET HTTP/1.1
cdn-adef.akamaized.net/landings/277880/1672929850/images/favicon.png?t=20230526080255
IP
95.101.10.67:443
ASN
#20940 Akamai International B.V.

Requested by
https://ptm.totalhighlyefficientdefence.site/c/0ee0b69d1847d43d?bid=0.0093&s1=ph4-mcv4-us&s3=duy&s4=&s5=runteqgwucwqtl0&s6=&s7=893428&s8=8bbzfni1c1l&clickid=bwxa0t8nt7v
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT

File type
PNG image data, 100 x 115, 8-bit/color RGBA, non-interlaced\012- data
Size
5.4 kB (5391 bytes)
Hash
af5ea8de2e2fa7543cdacc04ad53d4ca
09b884ce4522058ca7fcad459c40d5f30ac3b111
f2a23eb9ee6b06f7b3daaa71257a75fb51832c3956c091741026536b14e4414b

HTTP Headers

GET /landings/277880/1672929850/images/favicon.png?t=20230526080255 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ptm.totalhighlyefficientdefence.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: Pc7oCjDaznXBPRjtMRXWmI+XukuubLQGLb3Rl7WySAPmbhkmewM2ZY63AsppXmUtteqGmCBpnGU=
x-amz-request-id: HEJZWG4AZTFXR6WH
Last-Modified: Thu, 05 Jan 2023 14:44:12 GMT
ETag: "af5ea8de2e2fa7543cdacc04ad53d4ca"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 5391
Date: Fri, 26 May 2023 08:02:58 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/277880/1672929850/images/favicon.png?t=20230526080255

95.101.10.67

200 OK

5.4 kB

URL GET HTTP/1.1
cdn-adef.akamaized.net/landings/277880/1672929850/images/favicon.png?t=20230526080255
IP
95.101.10.67:443
ASN
#20940 Akamai International B.V.

Requested by
https://ptm.totalhighlyefficientdefence.site/c/0ee0b69d1847d43d?bid=0.0093&s1=ph4-mcv4-us&s3=duy&s4=&s5=runteqgwucwqtl0&s6=&s7=893428&s8=8bbzfni1c1l&clickid=bwxa0t8nt7v
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT

File type
PNG image data, 100 x 115, 8-bit/color RGBA, non-interlaced\012- data
Size
5.4 kB (5391 bytes)
Hash
af5ea8de2e2fa7543cdacc04ad53d4ca
09b884ce4522058ca7fcad459c40d5f30ac3b111
f2a23eb9ee6b06f7b3daaa71257a75fb51832c3956c091741026536b14e4414b

HTTP Headers

GET /landings/277880/1672929850/images/favicon.png?t=20230526080255 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ptm.totalhighlyefficientdefence.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: Pc7oCjDaznXBPRjtMRXWmI+XukuubLQGLb3Rl7WySAPmbhkmewM2ZY63AsppXmUtteqGmCBpnGU=
x-amz-request-id: HEJZWG4AZTFXR6WH
Last-Modified: Thu, 05 Jan 2023 14:44:12 GMT
ETag: "af5ea8de2e2fa7543cdacc04ad53d4ca"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 5391
Date: Fri, 26 May 2023 08:02:58 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

www.gstatic.com/images/branding/product/2x/translate_24dp.png

142.250.74.35

200 OK

1.8 kB

URL GET HTTP/3
www.gstatic.com/images/branding/product/2x/translate_24dp.png
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://ptm.totalhighlyefficientdefence.site/c/0ee0b69d1847d43d?bid=0.0093&s1=ph4-mcv4-us&s3=duy&s4=&s5=runteqgwucwqtl0&s6=&s7=893428&s8=8bbzfni1c1l&clickid=bwxa0t8nt7v
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Size
1.8 kB (1842 bytes)
Hash
c69c796362406f9e11c7f4bf5bb628da
e489ce95ab56208090868882113d7416abf46775
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82

HTTP Headers

GET /images/branding/product/2x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.vneFu3d_4ck.L.F4.O/d=0/rs=AN8SPfrNa1b9K5rCmaIpu9SqE3A5sBDBfg/m=el_main_css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1842
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 May 2023 15:58:39 GMT
expires: Wed, 22 May 2024 15:58:39 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
vary: Origin
age: 230659
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback

142.250.74.74

1.4 kB

URL
translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback
IP
142.250.74.74:0
ASN
#15169 GOOGLE

File type
Unicode text, UTF-8 text
Size
1.4 kB (1392 bytes)
Hash
a3eefe14b1b4698460d992bd1673a26b
a2fca6ebb00b8bdcca3eda88654d02d2c165b9c4
87514750a90cd70dd22c8673cfa80d804ef55840bd0755950af2118d8d218067

HTTP Headers

GET /v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback HTTP/1.1
Host: translate-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ptm.totalhighlyefficientdefence.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cross-origin-resource-policy: cross-origin
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-type: text/javascript; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Fri, 26 May 2023 08:02:58 GMT
server: ESF
cache-control: private
content-length: 1392
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: NID=511=D3lD6v3WXKKqCTyOqxAhnlbKGN2BSGagWYW1ve6e37-wcPqbFf11PKTJE1oNm_U0hGB8CsI7t-F9eL8NHl1qK5g6WsmAjei87XxniSpnbH1uyQIqrtGo2PIn9HcSxKZAKVHqzkUq9Aa8dBdeqpcz1mKtX3UlauXzcg73LluHu84; expires=Sat, 25-Nov-2023 08:02:58 GMT; path=/; domain=.translate-pa.googleapis.com; HttpOnly
CONSENT=PENDING+227; expires=Sun, 25-May-2025 08:02:58 GMT; path=/; domain=.googleapis.com; Secure
expires: Fri, 26 May 2023 08:02:58 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0

142.250.74.74

200 OK

0 B

URL POST HTTP/3
translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0
IP
142.250.74.74:443
ASN
#15169 GOOGLE

Requested by
https://ptm.totalhighlyefficientdefence.site/c/0ee0b69d1847d43d?bid=0.0093&s1=ph4-mcv4-us&s3=duy&s4=&s5=runteqgwucwqtl0&s6=&s7=893428&s8=8bbzfni1c1l&clickid=bwxa0t8nt7v
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint9B:D0:53:C4:55:9D:41:A4:94:03:4A:2B:6A:5B:57:EB:EB:A5:F0:4A
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /element/log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-encoding,content-type,x-goog-authuser
Referer: https://ptm.totalhighlyefficientdefence.site/
Origin: https://ptm.totalhighlyefficientdefence.site
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
access-control-allow-origin: https://ptm.totalhighlyefficientdefence.site
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,content-encoding,content-type,x-goog-authuser,origin
content-type: text/plain; charset=UTF-8
date: Fri, 26 May 2023 08:03:08 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+629; expires=Sun, 25-May-2025 08:03:08 GMT; path=/; domain=.googleapis.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 26 May 2023 08:03:08 GMT
cache-control: private

translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0

142.250.74.74

200 OK

131 B

URL POST HTTP/3
translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0
IP
142.250.74.74:443
ASN
#15169 GOOGLE

Requested by
https://ptm.totalhighlyefficientdefence.site/c/0ee0b69d1847d43d?bid=0.0093&s1=ph4-mcv4-us&s3=duy&s4=&s5=runteqgwucwqtl0&s6=&s7=893428&s8=8bbzfni1c1l&clickid=bwxa0t8nt7v
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint9B:D0:53:C4:55:9D:41:A4:94:03:4A:2B:6A:5B:57:EB:EB:A5:F0:4A
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT

File type
JSON data\012- , ASCII text, with no line terminators
Size
131 B (131 bytes)
Hash
ca0b7e866005f6774d284b9f438ebfd2
53644f5ee3640189bdb223473ba6a2d46606c556
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

HTTP Headers

POST /element/log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-AuthUser: 0
Content-Encoding: gzip
Content-Type: application/binary
Content-Length: 224
Origin: https://ptm.totalhighlyefficientdefence.site
DNT: 1
Connection: keep-alive
Referer: https://ptm.totalhighlyefficientdefence.site/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
access-control-allow-origin: https://ptm.totalhighlyefficientdefence.site
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Fri, 26 May 2023 08:03:08 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+939; expires=Sun, 25-May-2025 08:03:08 GMT; path=/; domain=.googleapis.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 26 May 2023 08:03:08 GMT

cdn-adef.akamaized.net/landings/277880/1672929850/images/logo.png

95.101.10.67

200 OK

3.6 kB

URL GET HTTP/1.1
cdn-adef.akamaized.net/landings/277880/1672929850/images/logo.png
IP
95.101.10.67:443
ASN
#20940 Akamai International B.V.

Requested by
https://ptm.totalhighlyefficientdefence.site/c/0ee0b69d1847d43d?bid=0.0093&s1=ph4-mcv4-us&s3=duy&s4=&s5=runteqgwucwqtl0&s6=&s7=893428&s8=8bbzfni1c1l&clickid=bwxa0t8nt7v
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT

File type
PNG image data, 100 x 20, 8-bit/color RGBA, non-interlaced\012- data
Size
3.6 kB (3619 bytes)
Hash
fac400941652b9e4da713b818ca13822
67546046d8f76504855e095ba9dcc5e4bcaddd0e
0da8e901848697aca8328a2a3c26a024b7163bd0eeafddf72f4ac119553fba87

HTTP Headers

GET /landings/277880/1672929850/images/logo.png HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ptm.totalhighlyefficientdefence.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: L0e0dYZDWkrGaosgodznUArCFjj9OUnxOpwirETrIZgscsn2W4AvG8nqDVqcczB6ARUr4LbHma8=
x-amz-request-id: DG1QC1BYNFH744XN
Last-Modified: Thu, 05 Jan 2023 14:44:12 GMT
ETag: "fac400941652b9e4da713b818ca13822"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 3619
Date: Fri, 26 May 2023 08:02:57 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

216.58.211.14

200 OK

80 kB

URL GET HTTP/2
translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
IP
216.58.211.14:443
ASN
#15169 GOOGLE

Requested by
https://ptm.totalhighlyefficientdefence.site/c/0ee0b69d1847d43d?bid=0.0093&s1=ph4-mcv4-us&s3=duy&s4=&s5=runteqgwucwqtl0&s6=&s7=893428&s8=8bbzfni1c1l&clickid=bwxa0t8nt7v
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint08:73:2C:18:30:14:52:C3:CA:3E:02:79:65:B4:FE:90:AC:3F:3E:33
ValidityMon, 24 Apr 2023 11:56:06 GMT - Mon, 17 Jul 2023 11:56:05 GMT

File type
ASCII text, with very long lines (2450)
Size
80 kB (79721 bytes)
Hash
062e08e0043f6d96a75d32196dae474e
a0284e4fd50152a7b13e635d721a7c95f66310c0
c5b86fefeea365e4a14a28bb31882ddd3f4e357f049394cfd7f227781c20cf46

HTTP Headers

GET /translate_a/element.js?cb=googleTranslateElementInit HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ptm.totalhighlyefficientdefence.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 26 May 2023 08:02:58 GMT
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: CONSENT=PENDING+165; expires=Sun, 25-May-2025 08:02:57 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (8)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML